
[multiple] fix TLS config string parsing

flagged by coverity

(incomplete fix a few commits back)
Glenn Strauss 5 months ago
parent
commit
915b4ef3fc
  1. 14
      src/mod_gnutls.c
  2. 8
      src/mod_mbedtls.c

14
src/mod_gnutls.c

@ -385,11 +385,20 @@ mod_gnutls_session_ticket_key_check (server *srv, const plugin_data *p, const ti
if (NULL == session_ticket_key.data) return;
session_ticket_key.size = TICKET_MASTER_KEY_SIZE;
}
#ifndef __COVERITY__
memcpy(session_ticket_key.data,
stek->tick_key_name, TICKET_MASTER_KEY_SIZE);
#ifndef __COVERITY__
gnutls_memset(stek->tick_key_name, 0, TICKET_MASTER_KEY_SIZE);
#else
char * const data = (char *)session_ticket_key.data;
memcpy(data,
stek->tick_key_name, TLSEXT_KEYNAME_LENGTH);
memcpy(data+TLSEXT_KEYNAME_LENGTH,
stek->tick_hmac_key, TLSEXT_TICK_KEY_LENGTH);
memcpy(data+TLSEXT_KEYNAME_LENGTH+TLSEXT_TICK_KEY_LENGTH,
stek->tick_aes_key,
TICKET_MASTER_KEY_SIZE
- TLSEXT_KEYNAME_LENGTH + TLSEXT_TICK_KEY_LENGTH);
gnutls_memset(stek->tick_key_name, 0, TLSEXT_KEYNAME_LENGTH);
gnutls_memset(stek->tick_hmac_key, 0, TLSEXT_TICK_KEY_LENGTH);
gnutls_memset(stek->tick_aes_key, 0, TLSEXT_TICK_KEY_LENGTH);
@ -3095,6 +3104,7 @@ mod_gnutls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *
const char * const p = e+1;
e = strchr(p, ':');
size_t len = e ? (size_t)(e - p) : strlen(p);
if (0 == len) continue;
if (len >= sizeof(n)) {
log_error(srv->errh, __FILE__, __LINE__,
"GnuTLS: skipped ciphersuite; too long: %.*s",
@ -3226,7 +3236,7 @@ mod_gnutls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer *
continue;
}
if (*e != ':' && *e != '\0') {
{
log_error(srv->errh, __FILE__, __LINE__,
"GnuTLS: error: missing support for cipher list: %.*s",
(int)len, p);
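Review bot: In the `__COVERITY__` branch of mod_gnutls_session_ticket_key_check (first hunk of this file), the length given to the third memcpy, `TICKET_MASTER_KEY_SIZE - TLSEXT_KEYNAME_LENGTH + TLSEXT_TICK_KEY_LENGTH`, parses as `(TICKET_MASTER_KEY_SIZE - TLSEXT_KEYNAME_LENGTH) + TLSEXT_TICK_KEY_LENGTH`, so the copy starting at `data+TLSEXT_KEYNAME_LENGTH+TLSEXT_TICK_KEY_LENGTH` runs 2*TLSEXT_TICK_KEY_LENGTH bytes past the end of session_ticket_key.data and reads past tick_aes_key. The remainder of the master key is `TICKET_MASTER_KEY_SIZE - TLSEXT_KEYNAME_LENGTH - TLSEXT_TICK_KEY_LENGTH`. Because this branch is only compiled for Coverity analysis, shipped binaries are unaffected, but the analyzer will report this overrun instead of checking the layout the branch was written to model. The gnutls_memset of tick_aes_key on the last hunk line zeroes TLSEXT_TICK_KEY_LENGTH bytes, which presumably should equal that remainder; confirm against the struct definition, which, like the start of this function, is outside the hunk.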

8
src/mod_mbedtls.c

@ -3236,6 +3236,7 @@ mod_mbedtls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer
const char * const p = e+1;
e = strchr(p, ':');
size_t len = e ? (size_t)(e - p) : strlen(p);
if (0 == len) continue;
if (len >= sizeof(n)) {
log_error(srv->errh, __FILE__, __LINE__,
"MTLS: skipped ciphersuite; too long: %.*s",
@ -3505,7 +3506,7 @@ mod_mbedtls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer
continue;
}
if (*e != ':' && *e != '\0') {
{
log_error(srv->errh, __FILE__, __LINE__,
"MTLS: error: missing support for cipher list: %.*s",
(int)len, p);
@ -3530,6 +3531,11 @@ mod_mbedtls_ssl_conf_ciphersuites (server *srv, plugin_config_socket *s, buffer
if (-1 == nids) return 0;
}
if (nids >= idsz) {
log_error(srv->errh, __FILE__, __LINE__,
"MTLS: error: too many ciphersuites during list expand");
return 0;
}
ids[++nids] = 0; /* terminate list */
++nids;
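Review bot: The new `if (nids >= idsz)` guard in the last hunk still admits nids == idsz - 1, after which `ids[++nids] = 0` writes the terminator to ids[idsz]; if idsz is the element count of ids, that is one past the end and the check would need to be `if (nids + 1 >= idsz)`. If idsz was instead declared as capacity minus one to reserve the terminator slot, the guard is correct, and a comment beside it such as `/* idsz excludes the slot reserved for the 0 terminator */` would spare the next reader the same question. The declarations of ids and idsz and the start of mod_mbedtls_ssl_conf_ciphersuites are outside this hunk, so this cannot be settled from the visible lines.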
